There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy
-
I assume not every time that error is shown though?
-
@stephenw10 No, just 2x
-
Hmm, OK. 2x too many!
Do you know if it remains responsive at the console when that happens?
-
@stephenw10 I wish I could say, but its a remote location and has only acted this way when I'm not on site... last time was 24 hours after I left...frustrating
-
Are you able to upload a status file to us to review?
-
@stephenw10 of course, pls tell me what to do =)
-
Great, you can pull the status_output file from the GUI. See:
https://docs.netgate.com/pfsense/en/latest/recipes/diagnostic-data.html#view-and-download-diagnostic-data-in-the-guiThen upload it here:
https://nc.netgate.com/nextcloud/s/YfciQktBin7fLEM -
@stephenw10 All done sir
-
Great I see that. Checking....
-
Mmm, OK nothing obvious there. I'm going to consult developers on this.
-
Ok, the likely cause here is a race condition between filter reloads triggered close to simultaneously.
That obviously shouldn't happen but you can probably mitigate it by tuning your gateway parameters for the WG_VPN_HQ gateway. Currently that is continually throwing alarms and reloading the filter every time it does. I suspect when you see this error it ends up thowing several alarms and queing up reloads.
I would try either setting the monitoring values to far higher numbers, say 50% and 500ms, or disabling monitoring action on the gateway. If that prevents or reduces the errors you're seeing that would prove the theory.
Steve
-
@stephenw10 From a troubleshooting standpoint, it makes sense since these overseas vpn can have spotty connection from time to time. I already made those adjustments... waiting to see what happened :D Thanks @stephenw10 much appreciated!
-
I’m also seeing this message pop up a lot recently on one of my 23.09.1 firewalls. I’m counting 8 messages between 4/15 to today (4/28).
It’s always an alert saying:
There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:Followed by another alert saying:
PF was wedged/busy and has been reset. -
Same question as the OP here. Anything logged? Any 'exotic' rules? Anything else unusual?
-
Same issue here, almost every day (some times twice a day)
06:30:00 PF was wedged/busy and has been reset.
06:30:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:system general log
Aug 26 06:30:00 php-cgi 51879 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:
Aug 26 06:30:00 php-cgi 51879 rc.filter_configure_sync: New alert found: PF was wedged/busy and has been reset.
Aug 26 06:28:00 sshguard 54936 Now monitoring attacks.
Aug 26 06:28:00 sshguard 55063 Exiting on signal. -
Is there anything else logged? An alert shown in the system?
Can you replicate it by running Status > Filter Reload?
-
Only the warning in GUI and by email (twice a day)
yesterday
16:15:00 PF was wedged/busy and has been reset.
16:15:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:
19:00:00 PF was wedged/busy and has been reset.
19:00:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:monday:
06:30:00 PF was wedged/busy and has been reset.
06:30:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:
01:30:00 PF was wedged/busy and has been reset.
01:30:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:Q: Can you replicate it by running Status > Filter Reload?
A: Cannot replicate the error, no issues when running filter reload, all rules are loaded normallyI can provide the status_output file from the GUI
-
Happened for me again 3x, on a different pfsense box..
pf_busy
PF was wedged/busy and has been reset. @ 2024-08-08 16:20:11
PF was wedged/busy and has been reset. @ 2024-08-13 06:44:50
PF was wedged/busy and has been reset. @ 2024-08-21 14:50:18
Filter ReloadThere were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]: @ 2024-08-08 16:20:12
There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]: @ 2024-08-13 06:44:51
There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]: @ 2024-08-21 14:50:19 -
You can upload a status file here: https://nc.netgate.com/nextcloud/s/fLa8Rr8Km5Bq4rt
-
@stephenw10 uploaded the status
